After upgrading to Symantec Endpoint Protection 14-14 MP1 and setting the registry value for LauncSmcGui to 0 as per Citrix and terminal server best practices for Endpoint Protection, multiple ccSvcHst executable files are launched and kept in RAM for every user that logs onto the device.

This issue is fixed in Symantec Endpoint Protection 14 MP2. For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec Endpoint Protection.